Tensor based framework for Distributed Denial of Service attack detection

Abstract

Distributed Denial of Service (DDoS) attacks are one of the most important security threats, since multiple compromised systems perform massive attacks over a victim, overwhelming its bandwidth and/or resources. Such attacks can be detected, for example, by using supervised machine learning based solutions previously trained on large DDoS attack datasets in order to automatically identify malicious patterns present in the incoming traffic. In addition, since large datasets show inherent multidimensional structures, tensor based detection techniques can outperform the matrix based counterparts. In this context, the development of a DDoS attack detection framework which exploits both machine learning and tensor based approaches is crucial. To face this challenge, this paper proposes a novel tensor based framework for DDoS attack detection using concepts of multiple denoising, tensor decomposition and machine learning supervised classification. Moreover, we also propose an extension of the recent Multiple Denoising algorithm such that the noise present in the dataset instances is more efficiently attenuated. Finally, we validate the effectiveness of our proposed framework through comparison with state-of-the-art low-rank approximation techniques as well as with related works. The proposed approach outperforms its competitor schemes in terms of accuracy, detection rate and false alarm rate.